CVE-2021-44528 PoC: Rails Action Pack Input Validation Error Vulnerability

Source
Associated Vulnerability
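Title: Rails Action Pack Input Validation Error Vulnerability (CVE-2021-44528)
Description: Rails Action Pack is a web framework from the Rails community in the United States. It provides a routing mechanism (mapping request URLs to actions), defines the controllers that implement actions, and provides the mechanism for generating responses by rendering views (templates in various formats). Action Pack has an input validation error vulnerability, which stems from an open redirect vulnerability in Action Pack >= 6.0.0: an attacker can craft an "X-Forwarded-Host" header that, combined with certain "allowed hosts" formats, causes the Host Authorization middleware in Action Pack to redirect users to a malicious website.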
Description
Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.
File Snapshot

id: CVE-2021-44528
info:
  name: Open Redirect in Host Authorization Middleware
  author: geeknik
...